From 3cae3e2f7fdd4de06577dee4e19b5cc23d8f46c3 Mon Sep 17 00:00:00 2001 From: Jakub Vrana Date: Fri, 26 Apr 2013 19:24:07 -0700 Subject: [PATCH] Fix LIKE backslash escaping --- adminer/drivers/mysql.inc.php | 6 +++--- adminer/user.inc.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/adminer/drivers/mysql.inc.php b/adminer/drivers/mysql.inc.php index 493eee4d..eca33c48 100644 --- a/adminer/drivers/mysql.inc.php +++ b/adminer/drivers/mysql.inc.php @@ -370,7 +370,7 @@ if (!defined("DRIVER")) { */ function table_status($name = "") { $return = array(); - foreach (get_rows("SHOW TABLE STATUS" . ($name != "" ? " LIKE " . q(addcslashes($name, "%_")) : "")) as $row) { + foreach (get_rows("SHOW TABLE STATUS" . ($name != "" ? " LIKE " . q(addcslashes($name, "%_\\")) : "")) as $row) { if ($row["Engine"] == "InnoDB") { // ignore internal comment, unnecessary since MySQL 5.1.21 $row["Comment"] = preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["Comment"]); @@ -733,7 +733,7 @@ if (!defined("DRIVER")) { */ function triggers($table) { $return = array(); - foreach (get_rows("SHOW TRIGGERS LIKE " . q(addcslashes($table, "%_"))) as $row) { + foreach (get_rows("SHOW TRIGGERS LIKE " . q(addcslashes($table, "%_\\"))) as $row) { $return[$row["Trigger"]] = array($row["Timing"], $row["Event"]); } return $return; @@ -924,7 +924,7 @@ if (!defined("DRIVER")) { */ function trigger_sql($table, $style) { $return = ""; - foreach (get_rows("SHOW TRIGGERS LIKE " . q(addcslashes($table, "%_")), null, "-- ") as $row) { + foreach (get_rows("SHOW TRIGGERS LIKE " . q(addcslashes($table, "%_\\")), null, "-- ") as $row) { $return .= "\n" . ($style == 'CREATE+ALTER' ? "DROP TRIGGER IF EXISTS " . idf_escape($row["Trigger"]) . ";;\n" : "") . "CREATE TRIGGER " . idf_escape($row["Trigger"]) . " $row[Timing] $row[Event] ON " . table($row["Table"]) . " FOR EACH ROW\n$row[Statement];;\n"; } diff --git a/adminer/user.inc.php b/adminer/user.inc.php index fff17dcc..873bf427 100644 --- a/adminer/user.inc.php +++ b/adminer/user.inc.php @@ -120,7 +120,7 @@ if ($_POST) { if ($old_pass != "") { $row["hashed"] = true; } - $grants[(DB == "" || $grants ? "" : idf_escape(addcslashes(DB, "%_"))) . ".*"] = array(); + $grants[(DB == "" || $grants ? "" : idf_escape(addcslashes(DB, "%_\\"))) . ".*"] = array(); } ?>